CVE-2026-31861

Cloud CLI aka Claude Code UI is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.24.0, The /api/user/git-config endpoint constructs shell commands by interpolating user-supplied gitName and gitEmail values into command strings passed to childprocess.exec. The...

CVE-2026-4092

Path Traversal in Clasp impacting versions 3.2.0 allows a remote attacker to perform remote code execution via a malicious Google Apps Script project containing specially crafted filenames with directory traversal sequences...

CVE-2019-25480

ARMBot contains an unrestricted file upload vulnerability in upload.php that allows unauthenticated attackers to upload arbitrary files by manipulating the file parameter with path traversal sequences. Attackers can upload PHP files with traversal payloads ../publichtml/ to write executable code ...

Exploit for CVE-2026-34070

I Found a Path Traversal Bug in LangChain That Could Leak Your...

AppSec-Penetration-Testing-Lab

🔐 AppSec Penetration Testing Lab A hands-on application sec...

SUSE-SU-2026:20879-1 Security update for python-PyJWT

This update for python-PyJWT fixes the following issues: Update to PyJWT 2.12.1: - CVE-2024-53861: prevent partial matching of the Issuer field bsc1234038. - CVE-2026-32597: validate the crit Header Parameter defined in RFC 7515 bsc1259616. Changelog: Update to 2.12.1: - Add missing...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the fixture process. An attacker can access or overwrite arbitrary files by supplying specially crafted input containing path traversal sequences. Details A Directory Traversal attack also known as path traversal...

PT-2026-28381

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.8.6 Description Open WebUI is a self-hosted artificial intelligence platform designed for offline operation. A flaw exists in the speech-to-text transcription endpoint where an unsanitized filename field allows a...

PT-2026-28419

Name of the Vulnerable Software and Affected Versions Mattermost versions 10.11.x through 10.11.10 Mattermost versions 11.2.x through 11.2.2 Mattermost versions 11.3.x through 11.3.1 Mattermost versions 11.4.x through 11.4.0 Description The software does not properly sanitize user-controlled post...

Ubuntu: Security Advisory (USN-8122-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the extract function in Unzip.java. An attacker can write arbitrary files outside the intended extraction directory by crafting zip archives with specially crafted entry names containing directory traversal...

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the compose/resolve phase due to using recursive function calls without a depth bound. An attacker can cause the application to throw a RangeError and potentially terminate the Node.js process by supplying a...

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the compose/resolve phase due to using recursive function calls without a depth bound. An attacker can cause the application to throw a RangeError and potentially terminate the Node.js process by supplying a...

yaml is vulnerable to Stack Overflow via deeply nested YAML collections

Parsing a YAML document with yaml may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a depth bound. An attacker who can supply YAML for parsing can trigger a RangeError: Maximum call stack size exceeded with a small payload...

GHSA-48C2-RRV3-QJMP yaml is vulnerable to Stack Overflow via deeply nested YAML collections

Parsing a YAML document with yaml may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a depth bound. An attacker who can supply YAML for parsing can trigger a RangeError: Maximum call stack size exceeded with a small payload...

Directory Traversal

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Directory Traversal in the pluginRunDatabaseScript.json.php endpoint. An administrator can execute arbitrary SQL commands and disclose sensitive file contents by...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the readDir API endpoint. An attacker can access and enumerate arbitrary directories and retrieve file names by sending crafted requests to the endpoint. Details A Directory Traversal attack also known as path...

curl: Security Vulnerability Report: Protocol Injection via Programmatic Options

Summary Multiple text-based protocol handlers in libcurl including FTP, SMTP, POP3, and IMAP are vulnerable to protocol command injection. This occurs when an application sets credentials or other protocol-specific options programmatically e.g., via CURLOPTUSERNAME, CURLOPTPASSWORD, or...

SUSE-SU-2026:20934-1 Security update for python-PyJWT

This update for python-PyJWT fixes the following issue: Update to PyJWT 2.12.1: - CVE-2026-32597: PyJWT accepts unknown crit header extensions bsc1259616. Changelog: Update to 2.12.1: - Add missing typingextensions dependency for Python 3.11 in 1150 Update to 2.12.0: - Annotate PyJWKSet.keys for...

SUSE-SU-2026:20839-1 Security update for python-PyJWT

This update for python-PyJWT fixes the following issue: Update to PyJWT 2.12.1: - CVE-2026-32597: PyJWT accepts unknown crit header extensions bsc1259616. Changelog: Update to 2.12.1: - Add missing typingextensions dependency for Python 3.11 in 1150 Update to 2.12.0: - Annotate PyJWKSet.keys for...